Last Updated on August 13, 2025 by Arnav Sharma
Service principals play a pivotal role in Microsoft Entra ID and Azure Active Directory, allowing applications to read and interact with Azure resources under a controlled security identity. These principals are fundamental to how a service, whether a single-tenant application or a multi-tenant environment, can operate efficiently. When a managed identity is created in Azure, a corresponding service principal is also established in each tenant, representing the specific application’s security identity. This mechanism ensures that Azure users can safely access and manage resources within their tenant or directory. The application, utilizing the service principal, operates under the context of a specific user from that tenant, performing only the actions it is authorized to do. This not only leads to enhanced security but also allows administrators to effectively monitor and manage their applications, thereby safeguarding the integrity and security of their Azure environment.
Steps to create a Service Principal:
Go to Azure and register a new app as shown:


After registration, create a secret:
From Azure copy:
Client ID:

Tenant ID:

Subscription ID: From Azure Portal.
Value of Secret:

The above values can be used in applications, DevOps, etc.
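As an added example (not part of the original post), this Python sketch shows one way an application can consume the four copied values without hardcoding them: it reads them from environment variables, rejects the common mistake of pasting the secret's ID instead of its Value, and builds the OAuth 2.0 client-credentials request. The function names, the `AZURE_*` variable names, the sample values and the Azure Resource Manager scope are assumptions made for this illustration.

```python
import json
import os
import re
import urllib.parse
import urllib.request

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
REQUIRED = ("AZURE_CLIENT_ID", "AZURE_TENANT_ID", "AZURE_SUBSCRIPTION_ID", "AZURE_CLIENT_SECRET")
# Constructed sample values (not real identifiers), in the shape the portal shows them.
SAMPLE = {"AZURE_CLIENT_ID": "11111111-1111-1111-1111-111111111111",
          "AZURE_TENANT_ID": "22222222-2222-2222-2222-222222222222",
          "AZURE_SUBSCRIPTION_ID": "33333333-3333-3333-3333-333333333333",
          "AZURE_CLIENT_SECRET": "constructed-secret-value"}


def load_sp_settings(env=os.environ):
    """Read the four copied values from the environment and sanity-check them."""
    missing = [k for k in REQUIRED if not env.get(k)]
    if missing:
        raise ValueError("missing settings: " + ", ".join(missing))
    cfg = {k: env[k].strip() for k in REQUIRED}
    for k in REQUIRED[:3]:
        if not GUID.match(cfg[k]):
            raise ValueError(k + " is not a GUID")
    # The portal lists a GUID "Secret ID" beside the secret "Value"; only the Value authenticates.
    if GUID.match(cfg["AZURE_CLIENT_SECRET"]):
        raise ValueError("AZURE_CLIENT_SECRET looks like the Secret ID, not the Value")
    return cfg


def build_token_request(cfg, scope="https://management.azure.com/.default"):
    """Build the client-credentials token request for the service principal's tenant."""
    url = "https://login.microsoftonline.com/%s/oauth2/v2.0/token" % cfg["AZURE_TENANT_ID"]
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": cfg["AZURE_CLIENT_ID"],
        "client_secret": cfg["AZURE_CLIENT_SECRET"],
        "scope": scope,
    }).encode()
    return urllib.request.Request(url, data=body, method="POST")


def redacted(cfg):  # copy of the settings that is safe to log
    return {**cfg, "AZURE_CLIENT_SECRET": "***"}


def fetch_token(cfg):
    """Send the request (needs network access); returns the bearer access token."""
    with urllib.request.urlopen(build_token_request(cfg), timeout=10) as resp:
        return json.load(resp)["access_token"]
```

Call `fetch_token(load_sp_settings())` once the variables are set in the process or pipeline environment; the token only grants what the service principal's role assignment allows.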
Role Assignment:

